Wednesday, December 12, 2012

At the start
of WWII and for most of the conflict the standard crypto system used by the
British for high level messages was the codebook enciphered with subtractor
tables. Both the Foreign Office and the military services relied on these
Cyphers for their most important traffic.

The codebook
was basically a dictionary that assigned a 4-figure group to each word.
For example the word ‘division’ would have the code 5538, ‘attack’ 2090,
‘artillery’ 0231 etc etc. So the cipher clerk would first use the codebook in
order to find the code groups corresponding to the words of the message and
then he would have to use the subtractor tables in order to encipher them. This
means that each codegroup would be subtracted from the key groups (of the
subtractor table) without carrying over the numbers.

The War
Office Cypher was the Army’s universal high-grade codebook (4-figure) and
carried traffic between Whitehall, Commands, Armies, Corps and, later,
divisions. There were different sets of enciphering tables for each geographic
area (Home Forces, Middle East, etc). The Germans
captured two copies of the WOC in 1940. One during the Norway campaign and the
other near Dunkirk. The compromise of the code allowed them to focus only on
stripping the cipher sequence. This was achieved by taking advantage of
‘depths’ (messages enciphered with the same numeric sequence).

According to
TICOM report I-51 ‘Interrogation Report on Ufrz. Herzfeld, Heintz Worfgang and
Translation of a Paper He Wrote on the British War
Office Code’, p16-17 (available
from site TICOM Archive), in 1941 the German Army’s signal intelligence agency
OKH/Inspectorate 7/VI evaluated intercepted British traffic from the Middle
East, identified the use of the WOC and from the summer of 1941 was able to
solve messages. First back traffic was solved from the Cyrenaica offensive
of General Wavell and then messages from Rommel’s offensive in early 1941. In
the period September ‘41-January ‘42 current traffic could be read.

This
information can be confirmed in part from the War Diary of Inspectorate 7/VI.
Unfortunately the reports of Referat 2-England are not available for the period
June-September ’41 but from October they show that WOC was read by the
department. The report of October ’41 says that WOC traffic in the period
November 1940 to March 1941 was enciphered with the same subtractor tables but
from April ’41 a new subtractor book was used for each month:

In November-December
’41 the addresses from the solved messages (identifying specific units) were issued
in confidential reports:

During 1941
the WOC decodes provided intelligence mainly on the order of battle and
movement of British units in the M.E. Theatre. It seems that some of the
decoded messages contained strength returns as an Enigma message decoded by
Bletchley Park in October ’41 gave a summary of the increase in British ground
strength in Egypt and the tank strength estimate was so accurate that the War
Office was ‘very concerned’.

The main
German success with WOC came during the period November-December ’41, when they
could follow the British operation Crusader. The
official history ‘British intelligence in the Second World War’ vol2, p298
says:

‘If under-estimation of the quality of
Rommel's equipment was one reason why British confidence was high when the
Crusader offensive began, another was the failure to allow for the efficiency
of his field intelligence. By August 1941 the Germans were regularly reading
the War Office high-grade hand cypher which carried a good deal of Eighth
Army's W/T traffic down to division level, and they continued to do so until
January 1942. Until then, when their success was progressively reduced by
British improvements to the recyphering system, whereas GC and CS's success
against the German Army Enigma continued to expand, this cypher provided them
with at least as much intelligence about Eighth Army's strengths and order of
battle as Eighth Army was obtaining about those of Rommel's forces.’

The British
knew that the WOC was in enemy hands and could be exploited but they had no
alternative than to keep using it. Security was upgraded in late ’41 and from
early ’42 the Germans could not solve messages. The traffic continued to be
investigated during 1942 and back traffic was solved but not current messages.

This was not
the end of the German solution. According to Herzfeld, the WOC used by Home
Forces in Britain was solved in 1943. After investigating the intercepted
messages in late 1942 it was discovered that the Brits had added code groups in
the WOC for the most commonly used phrases.

Based on
these findings back traffic of 1942 up to end of January ’43 was read, as can
be seen from the War Diary of Inspectorate 7/VI:

This would be
their last success with the WOC as in 1943 the subtractor tables were replaced
by the new stencil cipher which proved to be unbreakable.

Conclusion

Signals
intelligence and codebreaking played an important role in WWII. In the first
half of the war the German sigint agencies were able to exploit several high
level British cryptologic systems.

One of these
was the British Army’s War Office Cypher and the decoded messages from the M.E. Theatre in 1941 gave them valuable intelligence, especially during the Crusader
offensive.

Sources: ‘Intelligence and strategy: selected
essays’, ‘British intelligence in the Second World War’ vol2,TICOM reports I-51, I-113, IF-107, CSDIC SIR
1704-‘The organization and history of the Cryptologic service within the German
Army’, CSDIC/CMF/Y 40-'First Detailed Interrogation Report on Barthel Thomas’, ‘European
Axis Signal Intelligence in World War II’ vol1 and 4, , Cryptologia article:
‘Brigadier John Tiltman: One of Britain’s finest cryptologists’, War Diary
Inspectorate 7/VI

Thursday, December 6, 2012

A file in HW 40/89 ‘Investigation into POW reports that
German Sigint authorities exploited TYPEX (British cypher machine)’ has details
on the use of the Typex cipher machine. Specifically the introduction of new
rotors, detachable rotor cores (called inserts) and the rewirable reflector (called
plugboard in the report):